Here you will find the texts or resources that have been recommended as suitable for reading on Level 4, Level 5 and Level 6 units in the CSM degree programme at BU. 

_____________________________________________________________

 Level 4 Units

_____________________________________________________________

 

Cyber Security Management Fundamentals

Cyber Security Fundamentals. ISACA. (Main Unit Text Book)

Information Audit and Control Association (2014) 

Trim, P. and Lee, Y. (2014). Cyber Security Management. Gower. ISBN 1472432096

Gollmann, D. (2011), Computer Security, 3rd Edition, John Wiley & Sons

Garrett Gee (2014), Cyber Security Principles. Paper Street Publishing

Walter Spivak (2014). Cyber Security Principles: Computer Security - Hazards and Threats
_____________________________________________________________

 

Digital Forensics Fundamentals

 

Sammons, J. (2014). The Basics of Digital Forensics: The Primer for Getting Started in Digital Forensics (2nd Revised Edition). Syngress Media, Rockland, Massachusetts.
Holt, T.J., Bossler, A.M., Seigfried-Spellar, K.C., (2015). Cybercrime and Digital Forensics: An Introduction. Routledge, London.
Additional texts
Altheide, C., Carvey, H., Davidson, R., (Ed), (2011). Digital Forensics with Open Source Tools. Syngress, Waltham, Massachusetts.
Casey, E., (2011). Digital Evidence and Computer Crime: Forensic Science, Computers, and the Internet (3rd Ed.). Academic Press, Waltham, Massachusetts.
Eckert, C., Katsikas, S.K., Pernul, G., (Eds) (2014). Trust, Privacy, and Security in Digital Business: 11th International Conference, TrustBus 2014, Munich, Germany, September 2-3, 2014. Springer, Berlin.
O’Connor, T.J., (2012). Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers. Syngress, Waltham, Massachusetts.
Petersen, G., Shenoi, S. (Eds) (2014). Advances in Digital Forensics X: 10th IFIP WG 11.9 International Conference, Vienna, Austria, January 8-10, 2014. Springer-Verlag, Berlin.
Watson, D.L., Jones, A., (2013). Digital Forensics Processing and Procedures: Meeting the Requirements of ISO 17020, ISO 17025, ISO 27001 and Best Practice Requirements. Syngress Media, Rockland, Massachusetts.
Widup, S., (2014). Computer Forensics and Digital Investigation with EnCase Forensic v7. McGraw-Hill, New York, New York.

_____________________________________________________________

 

Principles of Programming

Z. Shaw (2014). Learn Python the Hard Way: A Very Simple Introduction to the Terrifyingly Beautiful World of Computers and Code (Zed Shaw's Hard Way).

T.J. O’Connor (2012). Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, Syngress.

J. Seitz (2014). Black Hat Python: Python Programming for Hackers and Pentesters

_____________________________________________________________

 

Business Systems Analysis

Cadle, J. et al., 2014. Business Analysis. 3rd ed. London: BCS, The Chartered Institute for IT.

IIBA, (2015). A Guide to the Business Analysis Body of Knowledge® (BABOK® Guide). 3rd ed. London: International Institute of Business Analysis.

Loshin, D. & Yen, M., 2012. A Data Quality Primer: Using Data Quality Tools and Techniques to Improve Business Value. 1st ed. London: Melissa Data Corporation

Marr, B. (2012). Key Performance Indicators, London: FT Prentice Hall.

_____________________________________________________________

 

Computer Security

Wm. Arthur Conklin, Greg White, et al., 2015. Principles of Computer Security, Fourth Edition (4th ed.). McGraw-Hill Osborne Media, USA. (Main Unit Text Book)

Vincent Nestler, Keith Harrison, et al., 2014, Principles of Computer Security Lab Manual, Fourth Edition, McGraw-Hill Osborne Media, USA

John R. Vacca, 2013, Computer and Information Security Handbook, Second Edition (2nd ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA, USA.

Andrew S. Tanenbaum and Albert S. Woodhull, 2008, Operating Systems Design and Implementation, Third Edition, Pearson Prentice Hall, Upper Saddle River, New Jersey, United States

Kurose, J.F., Ross, K. W., 2013. Computer Networking: A Top-Down Approach. 6th Edition. Pearson.
Bott, F., 2014. Professional Issues in Information Technology, Second Edition, BCS: The Chartered Institute for IT.
_______________________________________________________

 

Cyber Psychology

Attrill, A. (2015) Cyberpsychology. Oxford: Oxford University Press.

Brace, N. and Byford, J. (2012) Investigating psychology. Oxford: Oxford University Press.

Barak, A. (2008). Psychological aspects of cyberspace: theory, research, applications. Cambridge: Cambridge University Press.

Coleman, G. (2014) Hacker, hoaxer, whistleblower, spy: The many faces of Anonymous. London: Verso.

Gackenbach, J. (2009). Psychology and the Internet: intrapersonal, interpersonal and transpersonal implications. San Diego (CA): Academic Press.
_____________________________________________________________

Level 5

_____________________________________________________________

 

Business Continuity Management

Susan Snedaker, 2013. Business Continuity and Disaster Recovery Planning for IT Professionals. Syngress

Kurt J. Engelmann and Douglas M. Henderson, 2011, Business Continuity and Risk Management: Essentials of Organizational Resilience, Rothstein Publishing

Wei Ning Zechariah Wong, Jianping Shi, 2015, Business Continuity Management System: A Complete Guide to Implementing ISO 22301. Kogan Page Publishing

Andrew N Hiles, 2014, Business Continuity Management: Global Best Practices, Fourth edition, Rothstein Associate Inc

Julia Graham and David Kaye, 2006, A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance, Rothstein Publishing

Andrew Hiles, 2010, The Definitive Handbook of Business Continuity Management, third edition, John Wiley & Sons

Dominic Elliott, Ethne Swartz, and Brahim Herbane, 2010, Business Continuity Management, Second Edition: A Crisis Management Approach, Second edition, Routledge

_____________________________________________________________

 

Cyber Security Management

John R. Vacca, 2013, Computer and Information Security Handbook, Second Edition (2nd ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA, USA.

John Silltow, 2012, Auditing Business Continuity Management Plans. Assess and Improve Your Performance Against ISO 22301, Second Edition, BSI British Standards Institution
Mike Morrison, 2013, Strategic Business Diagnostic Tools - Theory and Practice, CreateSpace Independent Publishing Platform

Michael E. Whitman and Herbert J. Mattord, 2012, Principles of Information Security, Fourth Edition, Course Technology, Boston, MA, United States

Michael E. Whitman and Herbert J. Mattord, 2012, Management of Information Security, Fourth Edition, Delmar Cengage Learning, New York, United States

Bott, F., 2014. Professional Issues in Information Technology, Second Edition, BCS: The Chartered Institute for IT.

Dr Paul Watts 2012, Cyber Security: Concepts and Cases, First Edition, CreateSpace Independent Publishing Platform

_____________________________________________________________

 

Economics of Information Security

Buckingham, M., & Coffman, C. (1999). First, Break All the Rules-What the World's Greatest Managers Do Differently. NY: Simon & Schuster.

Kaplan, J. (2009). Strategic IT Portfolio Management - Governing Enterprise Transformation. Pittiglio, Rabin, Todd, & McGrath (PRTM), Inc.

Michael P. Gallaher, A. N. (2008). Cyber Security: Economic Strategies and Public Policy Alternatives (1st ed.). Michigan: Edward Elgar.

O, B., & R, B. (2006). The Starfish and The Spider - The Unstoppable Power of Leaderless Organizations. NY: Penguin.

Schneier, B. (2014). Carry On: Sound Advice from Schneier on Security (1st ed.). Indianapolis: John Wiley & Sons.

________________________________________________

 

Enterprise Security and Privacy

Ben Halpert, 2011, Auditing Cloud Computing: A Security and Privacy Guide, First Edition, John Wiley & Sons

John R. Vacca, 2013, Computer and Information Security Handbook, Second Edition (2nd ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA, USA.

Ronald L. Krutz and Russell Dean Vines, 2010, Cloud Security: A Comprehensive Guide to Secure Cloud Computing, First Edition, John Wiley & Sons

George Reese, 2009. Cloud Application Architectures: Building Applications and Infrastructure in the Cloud, First Edition, O'Reilly Media
__________________________________________________

 

Forensic Law and Practice

Card, R., 2010. Card, Cross, and Jones Criminal Law. 19th ed. Oxford: OUP.

Heaton, R., de Than, C., 2010. Criminal Law Textbook. 2nd ed. Oxford: OUP.

Knight, B., 1998. Lawyer’s Guide to Forensic Medicine. 2nd ed. London: Cavendish.

Jefferson, M., 2007. Criminal Law. 8th ed. Essex: Pearson Education Limited

McCartney, C., 2006. Forensic Identification and Criminal Justice: Forensic science, justice and risk. Cullompton: Willan.

McEwan, J., 2003. The Verdict Of The Court: Passing Judgment In Law And Psychology. Oxford: Hart.

Padfield, N., 2010. Criminal Law. 7th ed. Oxford: OUP.

Smith & Hogan, 2008. Criminal Law textbook. 12th ed. Oxford: OUP.

Walker, C., and Starmer, K., 1999. Miscarriages of Justice. Blackstone Press: London.

White, P., (ed.), 2004. Crime Scene to Court. Cambridge: Royal Society of Chemistry.

__________________________________________________

 

Security Information and Event Management (SIEM)

Don Murdoch (2014). Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder. CreateSpace publisher, ISBN 1494932636.

Leighton Johnson, 2014, Computer Incident Response and Forensics Team Management - Conducting a Successful Incident Response, Syngress

David Miller, et al., 2010, Security Information and Event Management (SIEM) Implementation, McGraw-Hill Osborne Media

Moira West Brown, et al., 2003, Handbook for Computer Security Incident Response Teams (CSIRTs) – CERT/CC, Software Engineering Institute

Georgia Killcrece, 2004, Steps for Creating National CSIRTs – CERT/CC, Software Engineering Institute

_____________________________________________________________

Level 6

_____________________________________________________________

 

Cyber Security Assurance

Arquilla, J., & Ronfeldt, D. (1997). In Athena's Camp: Preparing for Conflict in the Information Age. Washington D.C.: RAND National Defense Research Institute.

Knapp, K.J. (2009) Cyber-security and Global Information Assurance: Threat Analysis and Response Solutions (Premier Reference Source), Information Science Reference.

Morgan, G. (2007). Shifting the Security Paradigm - The Risks of Information Assurance. VDM Verlag.

Portnoy, M. and Goodman, S. (2010) Global Initiatives to Secure Cyberspace: An Emerging Landscape (Advances in Information Security), Springer.

NITRD (2015) Cyber Security and Information Assurance (CSIA) Research and Development, Cyber Security and Information Assurance Interagency Working Group (CSIA IWG).

Schneier, B. (2006) Beyond Fear, Springer Science

Shoemaker, D. and Conklin, W. A. (2011) Cybersecurity: The Essential Body Of Knowledge, Cengage Learning

Wang, C.; King, S.; Wachter, R.; et al (2007) Department of Defense Sponsored Information Security Research: New Methods for Protecting Against Cyber Threats, John Wiley & Sons.
__________________________________________________

 

Cyber Situation Awareness

Adam Shostack, 2014, Threat Modeling: Designing for Security, First Edition, John Wiley & Sons

Michael S Collins, 2014, Network Security Through Data Analysis: Building Situational Awareness, First Edition, O'Reilly Media
Jay Jacobs and Bob Rudis, 2010, Data Driven Security: Analysis, Visualization and Dashboards, First Edition, John Wiley & Sons

__________________________________________________

 

Cybercrime

Gladyshev, P. Marrington, A., Baggili, I. (Editors), (2015). Digital Forensics and Cyber Crime: Proceedings of the Fifth International Conference, ICDF2C 2013, Moscow, Russia, September 26-27, 2013, Revised Selected Papers. Springer.
Kshetri, N. (2010). The Global Cybercrime Industry: Economic, Institutional and Strategic Perspectives. Springer, Berlin.
Petersen, G., Shenoi, S. (Eds) (2014). Advances in Digital Forensics X: 10th IFIP Working Group 11.9 International Conference, Vienna, Austria, January 8-10, 2014. Springer-Verlag, Berlin.
Sood, A., Enbody, R., (2014). Targeted Cyber Attacks: Multi-Staged Attacks Driven by Exploits and Malware, Syngress, Rockland, MA.
Wall, D.S., Williams, M. (2014). Policing Cybercrime: Networked and Social Media Technologies and the Challenges for Policing. Taylor & Francis, London.

__________________________________________________

 

CYBER SECURITY MANAGEMENT INDIVIDUAL PROJECT

Anderson, J. and Poole, M., 1994. Assignment and Thesis Writing. 3rd ed. Milton, Qld.: John Wiley & Sons.

Barzun, J. and Graff, H. F., 2004. The Modern Researcher. 6th ed. Belmont CA: Wadsworth Publishing Company.

Berry, R. 2000. The Research Project: How to write it. 4th ed. London: Routledge.

Currie, D., 2005. Developing and Applying Study Skills. London: Chartered Institute of Personnel and Development.

Dawson, C., 2009. Projects in Computing and Information Systems: A Student’s Guide. 2nd ed. Harlow: Prentice Hall.

Dupre, L, 1998. BUGS in Writing. 2nd ed. Harlow: Addison Wesley.

Hughes, B. and Cotterell, M., 2005. Software Project Management. 4th ed, London: McGraw-Hill.

Kurilich, F. and Whitaker, H., 1988. Re:Writing: Strategies for Student Writers. New York: Holt, Rinehart & Winston.

Orna, E. and Stevens, G., 1995. Managing Information for Research. Buckingham: Open University Press.

Weaver, P.L., 2004. Success in your project. Financial Times Prentice Hall.